Cross-site Scripting Vulnerability in Flashy Theme by duwasai
CVE-2025-23979
7.1HIGH
What is CVE-2025-23979?
The Flashy theme from duwasai exhibits a vulnerability characterized by improper neutralization of input during web page generation. This reflected XSS vulnerability allows attackers to inject malicious scripts into web pages viewed by users, potentially compromising user data and session integrity. Affected users should consider upgrading to a secure version to mitigate this risk.
Affected Version(s)
Flashy <= 1.2.1